THIS invention relates to electronic identification systems and more particularly to such systems including radio frequency (RF) transponders and associated readers, interrogators and verifiers therefor.
A system of the aforementioned kind is typically used to mark and identify products or goods, and would further include a plurality of encoder units for writing data into respective memory arrangements of the transponders. In use, a transponder is attached to a product item and the data written into the transponder may relate to the kind of product, the date of manufacture and/or any other data relating to the product. Normally the data is written into the memory arrangement at the source of the product, but in some applications additional data may be written into the memory arrangement at various points along a distribution chain. Of course the data written into the memory arrangement can at any stage be read with a verifier, interrogator or reader.
In some applications, security arrangements are required which would prevent unauthorized parties from attaching non-genuine transponders (purporting to store data encoded by an authorised encoder) to grey or infringing goods, thereby facilitating passing the grey goods off as genuine goods.
Accordingly, it is an object of the present invention to provide a system and method with which the applicant believes transponders originating from an authorized source could be distinguished from non-genuine transponders.
According to the invention there is provided an electronic identification system, the system including:
at least one transponder encoder for writing data into a memory arrangement of a transponder;
a plurality of transponders adapted to receive data from the at least one encoder;
at least one verifier for interrogating a selected transponder and to read data stored in the transponder;
said encoder including means for providing an identification code characteristic of an entity externally of the transponder, to form part of the data to be written into the transponder;
the verifier including computing means for extracting the identification code from the data read thereby and for comparing the code to an authorized code; and indicator means for giving an indication whether the identification code corresponds to the authorized code.
The identity code is preferably characteristic of the encoder.
The encoder may include a memory arrangement wherein a plurality of identification codes for the encoder are stored and the means for providing an identification code may include a controller for randomly selecting one of the authorized codes.
The system may further include a central computer for generating the plurality of identification codes and for downloading the identification codes into the at least one encoder and into the at least one verifier, to constitute corresponding authorized codes.
The controller of the encoder may further include encryption means utilizing a first encryption algorithm and the identification code in a first encryption process, to provide encrypted data relating to the identification code, to form part of the data to be written into the transponder.
In a preferred embodiment the controller of the encoder is programmed randomly to select the first encryption algorithm from a first set of encryption algorithms pre-stored in the memory arrangement of the encoder.
Each encryption algorithm may be associated with a unique algorithm address in the memory arrangement of the encoder.
The algorithms may be downloaded from the central computer into the encoder upon start-up of the encoder. The algorithms are preferably also downloaded into memory locations of the verifier having corresponding addresses.
Each algorithm may include a function of at least one physical characteristic of the transponder, for example a clock frequency of circuitry of the transponder. The algorithm may be of a general form wherein the selected identification code is equal to at least one function of a suitable physical characteristic of the transponder plus a first remainder.
The data relating to the identification code and which forms part of the data to be written into the transponder may include the aforementioned first remainder. Preferably it consists of the first remainder only.
Data relating to the algorithm address of the selected algorithm may also be included in the data to be written into the memory arrangement of the transponder. The controller of the encoder may utilize a second algorithm and the data relating to the address in a second encryption process, to yield encrypted data relating to the algorithm address. The second algorithm may be of a general form wherein the algorithm address is equal to at least one function of an independent variable plus a second remainder.
The encrypted data relating to the algorithm address and which forms part of the data to be written into the transponder may include the aforementioned second remainder. Preferably it consists of the second remainder only.
The verifier may include computing means adapted to use the second algorithm to decrypt the encrypted data relating to the address for the first algorithm.
The computing means may further be programmed to retrieve the first algorithm, to input data relating to the physical characteristics of the transponder and to use said data and the first algorithm to decrypt the data relating to the identification code, to yield an output code.
The computing means of the verifier may further include a comparator for comparing the output code to the authorized codes which are stored in the memory arrangement of the verifier.
The indicating means of the verifier may include a display.
The verifier may form part of a reader for the transponders. Alternatively, it may be a separate unit.
Also included within the scope of the present invention is a method of verifying the authenticity of a transponder, the method including the steps of:
writing data into the transponder by an authorized transponder encoder;
including in the data, data relating to an identification code of an entity externally of the transponder;
reading the data written into the transponder with a verifier;
extracting from the data read, the data relating to the identification code;
comparing the extracted data to data relating to an authorized identification code for the entity; and
providing an indication whether the extracted data matches the data relating to authorized identification code.
The identification code may be characteristic of the encoder.
The encoder may have a plurality of identification codes associated therewith and the method may include the step of randomly selecting one of these codes for inclusion in the data to be written into the transponder.
Further according to the method of the invention a first encryption algorithm and the selected identification code may be used in a first encryption process to yield encrypted data relating to the identification code. Preferably the first algorithm is selectable from a first set of encryption algorithms. The algorithms may include a function of at least one physical characteristic of the transponder into which the data is to be written.
Each of the first set of encryption algorithms may be accessible by the encoder from a memory arrangement thereof utilizing a respective algorithm address. The method may include the further step of including data relating to the algorithm address of the selected algorithm in the data to be written into the transponder. A second algorithm and data relating to the address of the selected algorithm may be utilized in a second encryption process to yield encrypted data relating to the algorithm address for inclusion in the data to be written into the transponder.
The method may further include the step of utilizing at the verifier the data relating to the algorithm address to retrieve from a memory arrangement of the verifier the algorithm utilized during the first encryption process.
The method may further include the steps of: providing computing means in the verifier with data relating to the physical characteristics of the transponder; and utilizing said data and the retrieved algorithm to decrypt the encrypted data relating to the identification code.
The method may still further include the step of comparing the decrypted data relating to the identification code to the data relating to authorized identification codes stored in a memory arrangement of the verifier.
Also included within the scope of the invention is a method of programming data into a transponder, the method including the steps of:
electronically measuring a physical characteristic of the transponder and producing data relating thereto;
utilizing the produced data in an encryption algorithm to encrypt data to be written into the transponder; and
writing the encrypted data into a memory arrangement of the transponder.
The physical characteristic may be the frequency of a clock of the transponder and may be measured by receiving a response signal from the transponder and utilizing the received signal to measure the clock frequency. The encrypted data may be written into the transponder by transmitting it to the transponder.